From 02a13736d7657ffa285bfecbbfb4987152aa5011 Mon Sep 17 00:00:00 2001
From: Rafael Solorzano <61289255+rafasdc@users.noreply.github.com>
Date: Mon, 16 Sep 2024 13:08:32 -0700
Subject: [PATCH] chore: add limiter to correct function
---
 app/backend/lib/s3upload.ts | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/app/backend/lib/s3upload.ts b/app/backend/lib/s3upload.ts
index f0c17660d..a577f8cbe 100644
--- a/app/backend/lib/s3upload.ts
+++ b/app/backend/lib/s3upload.ts
@@ -1,4 +1,5 @@
 import { Router } from 'express';
+import RateLimit from 'express-rate-limit';
 import formidable, { File } from 'formidable';
 import fs from 'fs';
 import config from '../../config';
@@ -8,9 +9,14 @@ import { commonFormidableConfig, parseForm } from './express-helper';
 const AWS_S3_BUCKET = config.get('AWS_S3_BUCKET');
+const limiter = RateLimit({
+ windowMs: 1 * 60 * 1000,
+ max: 2000,
+});
+
 const s3upload = Router();
-s3upload.post('/api/s3/upload', async (req, res) => {
+s3upload.post('/api/s3/upload', limiter, async (req, res) => {
 const authRole = getAuthRole(req);
 const isRoleAuthorized = authRole?.pgRole === 'ccbc_admin' ||
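Review bot: The `max: 2000` in the new `limiter` permits roughly 33 requests per second from each client key, which is a loose ceiling for `/api/s3/upload`, a route that (judging by the formidable and S3 imports) parses multipart bodies and writes to a bucket, so it is unlikely to prevent resource exhaustion there. Consider a much lower per-route value sized to real upload behaviour and record the reasoning next to it, e.g. `// Uploads are expensive (multipart parse + S3 write); keep this well below the general API limit`. express-rate-limit keys on `req.ip` and counts in process memory by default, so if the app runs behind a reverse proxy or with several replicas (not visible in this hunk), the Express `trust proxy` setting and a shared store determine whether the limit is actually applied per client. Placing `limiter` ahead of the role check is the right order, since it also throttles unauthorized callers; the handler body continues outside the hunk.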